Merge pull request #15 from ory-am/unstaged

Policy changes and more tests

README.md

@@ -232,29 +232,29 @@ To generate files *rs256-private.pem* and *rs256-public.pem* in the current dire
 
 ```
 NAME:
-   hydra-host jwt create-keypair - Create a JWT PEM keypair.
+   hydra-host jwt generate-keypair - Create a JWT PEM keypair.
 
    You can use these files by providing the environment variables JWT_PRIVATE_KEY_PATH and JWT_PUBLIC_KEY_PATH
 
 USAGE:
-   hydra-host jwt create-keypair [command options] [arguments...]
+   hydra-host jwt generate-keypair [command options] [arguments...]
 
 OPTIONS:
-   -i, --private-file-path "rs256-private.pem"  Where to save the private key PEM file
-   -u, --public-file-path "rs256-public.pem"    Where to save the private key PEM file
+   -s, --private-file-path "rs256-private.pem"  Where to save the private key PEM file
+   -p, --public-file-path "rs256-public.pem"    Where to save the private key PEM file
 
 ```
 
 #### Create a TLS certificate
 
 ```
 NAME:
-   hydra-host tls create-dummy-certificate - Create a dummy TLS certificate and private key.
+   hydra-host tls generate-dummy-certificate - Create a dummy TLS certificate and private key.
 
    You can use these files (in development!) by providing the environment variables TLS_CERT_PATH and TLS_KEY_PATH
 
 USAGE:
-   hydra-host tls create-dummy-certificate [command options] [arguments...]
+   hydra-host tls generate-dummy-certificate [command options] [arguments...]
 
 OPTIONS:
    -c, --certificate-file-path "tls-cert.pem"   Where to save the private key PEM file

account/postgres/store_test.go

@@ -5,6 +5,7 @@ import (
 	"github.com/ory-am/common/pkg"
 	"github.com/ory-am/dockertest"
 	"github.com/ory-am/hydra/hash"
+	"github.com/pborman/uuid"
 	"github.com/stretchr/testify/assert"
 	"log"
 	"os"
@@ -44,15 +45,17 @@ func TestNotFound(t *testing.T) {
 }
 
 func TestCreateAndGetCases(t *testing.T) {
+	a := uuid.New()
+	b := uuid.New()
 	for _, c := range []struct {
 		data  []string
 		extra string
 		pass  bool
 		find  bool
 	}{
-		{[]string{"1", "1@bar", "secret"}, `{"foo": "bar"}`, true, true},
-		{[]string{"1", "1@foo", "secret"}, `{"foo": "bar"}`, false, true},
-		{[]string{"2", "1@bar", "secret"}, `{"foo": "bar"}`, false, false},
+		{[]string{a, "1@bar", "secret"}, `{"foo": "bar"}`, true, true},
+		{[]string{a, "1@foo", "secret"}, `{"foo": "bar"}`, false, true},
+		{[]string{b, "1@bar", "secret"}, `{"foo": "bar"}`, false, false},
 	} {
 		result, err := store.Create(c.data[0], c.data[1], c.data[2], c.extra)
 		if c.pass {
@@ -85,56 +88,59 @@ func TestCreateAndGetCases(t *testing.T) {
 }
 
 func TestDelete(t *testing.T) {
-	_, err := store.Create("2", "2@bar", "secret", `{"foo": "bar"}`)
+	id := uuid.New()
+	_, err := store.Create(id, "2@bar", "secret", `{"foo": "bar"}`)
 	assert.Nil(t, err)
 
-	_, err = store.Get("2")
+	_, err = store.Get(id)
 	assert.Nil(t, err)
 
-	err = store.Delete("2")
+	err = store.Delete(id)
 	assert.Nil(t, err)
 
-	_, err = store.Get("2")
+	_, err = store.Get(id)
 	assert.NotNil(t, err)
 }
 
 func TestUpdateEmail(t *testing.T) {
-	_, err := store.Create("3", "3@bar", "secret", `{"foo": "bar"}`)
+	id := uuid.New()
+	_, err := store.Create(id, "3@bar", "secret", `{"foo": "bar"}`)
 	assert.Nil(t, err)
 
-	_, err = store.UpdateEmail("3", "3@foo", "wrong secret")
+	_, err = store.UpdateEmail(id, "3@foo", "wrong secret")
 	assert.NotNil(t, err)
 
-	_, err = store.UpdateEmail("3", "3@foo", "secret")
+	_, err = store.UpdateEmail(id, "3@foo", "secret")
 	assert.Nil(t, err)
 
-	r, err := store.Get("3")
+	r, err := store.Get(id)
 	assert.Nil(t, err)
 
-	assert.Equal(t, "3", r.GetID())
+	assert.Equal(t, id, r.GetID())
 	assert.Equal(t, "3@foo", r.GetEmail())
 	assert.NotEqual(t, "secret", r.GetPassword())
 }
 
 func TestUpdatePassword(t *testing.T) {
-	account, err := store.Create("4", "4@bar", "old secret", `{"foo": "bar"}`)
+	id := uuid.New()
+	account, err := store.Create(id, "4@bar", "old secret", `{"foo": "bar"}`)
 	assert.Nil(t, err)
 
-	_, err = store.UpdatePassword("4", "wrong old secret", "new secret")
+	_, err = store.UpdatePassword(id, "wrong old secret", "new secret")
 	assert.NotNil(t, err)
 
-	updatedAccount, err := store.UpdatePassword("4", "old secret", "new secret")
+	updatedAccount, err := store.UpdatePassword(id, "old secret", "new secret")
 	assert.Nil(t, err)
 
-	resultAccount, err := store.Get("4")
+	resultAccount, err := store.Get(id)
 	assert.Nil(t, err)
 
 	assert.Equal(t, updatedAccount.GetPassword(), resultAccount.GetPassword())
 	assert.NotEqual(t, account.GetPassword(), resultAccount.GetPassword())
 }
 
 func TestAuthenticate(t *testing.T) {
-	account, err := store.Create("5", "5@bar", "secret", `{"foo": "bar"}`)
+	account, err := store.Create(uuid.New(), "5@bar", "secret", `{"foo": "bar"}`)
 	assert.Nil(t, err)
 
 	_, err = store.Authenticate("5@bar", "wrong secret")

cli/hydra-host/handler/user.go → cli/hydra-host/handler/account.go

@@ -5,10 +5,9 @@ import (
 	"github.com/codegangsta/cli"
 	"github.com/howeyc/gopass"
 	"github.com/pborman/uuid"
-	"log"
 )
 
-type User struct {
+type Account struct {
 	Ctx *Context
 }
 
@@ -28,10 +27,10 @@ func getPassword() (password string) {
 	return
 }
 
-func (c *User) Create(ctx *cli.Context) {
+func (c *Account) Create(ctx *cli.Context) error {
 	email := ctx.Args().First()
 	if email == "" {
-		log.Fatalf("Please provide an email address.")
+		return fmt.Errorf("Please provide an email address.")
 	}
 	password := ctx.String("password")
 	if password == "" {
@@ -41,15 +40,15 @@ func (c *User) Create(ctx *cli.Context) {
 	c.Ctx.Start()
 	user, err := c.Ctx.Accounts.Create(uuid.New(), email, password, "{}")
 	if err != nil {
-		log.Fatalf("%s", err)
+		return fmt.Errorf("Could not create account because %s", err)
 	}
 
-	fmt.Printf(`Created user as "%s".`+"\n", user.GetID())
-
+	fmt.Printf(`Created account as "%s".`+"\n", user.GetID())
 	if ctx.Bool("as-superuser") {
 		if err := c.Ctx.Policies.Create(superUserPolicy(user.GetID())); err != nil {
-			log.Fatalf("%s", err)
+			return fmt.Errorf("Could not create policy for account because %s", err)
 		}
-		fmt.Printf(`Granted superuser privileges to user "%s".`+"\n", user.GetID())
+		fmt.Printf(`Granted superuser privileges to account "%s".`+"\n", user.GetID())
 	}
+	return nil
 }

cli/hydra-host/handler/client.go

@@ -3,7 +3,6 @@ package handler
 import (
 	"fmt"
 	"github.com/RangelReale/osin"
-	log "github.com/Sirupsen/logrus"
 	"github.com/codegangsta/cli"
 	"github.com/ory-am/common/rand/sequence"
 	"github.com/pborman/uuid"
@@ -13,7 +12,7 @@ type Client struct {
 	Ctx *Context
 }
 
-func (c *Client) Create(ctx *cli.Context) {
+func (c *Client) Create(ctx *cli.Context) error {
 	id := ctx.String("id")
 	if id == "" {
 		id = uuid.New()
@@ -22,7 +21,7 @@ func (c *Client) Create(ctx *cli.Context) {
 	secret := ctx.String("secret")
 	if secret == "" {
 		if seq, err := sequence.RuneSequence(10, sequence.AlphaNum); err != nil {
-			log.Fatalf("err")
+			return fmt.Errorf("Could not create rune sequence because %s", err)
 		} else {
 			secret = string(seq)
 		}
@@ -37,15 +36,15 @@ func (c *Client) Create(ctx *cli.Context) {
 
 	c.Ctx.Start()
 	if err := c.Ctx.Osins.CreateClient(client); err != nil {
-		log.Fatalf("%s", err)
+		return fmt.Errorf("Could not create client because %s", err)
 	}
-
 	fmt.Printf(`Created client "%s" with secret "%s" and redirect url "%s".`+"\n", client.Id, client.Secret, client.RedirectUri)
 
 	if ctx.Bool("as-superuser") {
 		if err := c.Ctx.Policies.Create(superUserPolicy(client.Id)); err != nil {
-			log.Fatalf("%s", err)
+			return fmt.Errorf("Could not create policy for client because %s", err)
 		}
 		fmt.Printf(`Granted superuser privileges to client "%s".`+"\n", client.Id)
 	}
+	return nil
 }

cli/hydra-host/handler/context.go

@@ -24,6 +24,7 @@ type Context struct {
 }
 
 func (c *Context) Start() {
+	getEnv()
 	db, err := sql.Open("postgres", databaseURL)
 	if err != nil {
 		log.Fatal(err)

cli/hydra-host/handler/core.go

@@ -13,8 +13,8 @@ import (
 	"github.com/ory-am/hydra/oauth/provider"
 	policies "github.com/ory-am/hydra/policy/handler"
 	"github.com/ory-am/ladon/guard"
-	"log"
 
+	"fmt"
 	"golang.org/x/net/http2"
 	"net/http"
 )
@@ -34,17 +34,17 @@ type Core struct {
 	audience string
 }
 
-func (c *Core) Start(ctx *cli.Context) {
+func (c *Core) Start(ctx *cli.Context) error {
 	c.Ctx.Start()
 
 	private, err := jwt.LoadCertificate(jwtPrivateKeyPath)
 	if err != nil {
-		log.Fatalf("Could not load private key: %s", err)
+		return fmt.Errorf("Could not load private key: %s", err)
 	}
 
 	public, err := jwt.LoadCertificate(jwtPublicKeyPath)
 	if err != nil {
-		log.Fatalf("Could not load public key: %s", err)
+		return fmt.Errorf("Could not load public key: %s", err)
 	}
 
 	j := jwt.New(private, public)
@@ -82,5 +82,9 @@ func (c *Core) Start(ctx *cli.Context) {
 		Addr: listenOn,
 	}
 	http2.ConfigureServer(srv, &http2.Server{})
-	log.Fatal(srv.ListenAndServeTLS(tlsCertPath, tlsKeyPath))
+	err = srv.ListenAndServeTLS(tlsCertPath, tlsKeyPath)
+	if err != nil {
+		return fmt.Errorf("Could not serve HTTP/2 server because %s", err)
+	}
+	return nil
 }